Google want to take Revenge on Hatefull Hackers with free DDOS prevention Tool called project sheild

HATEFUL HACKERS angry about freedom of speech will find it difficult to take down news and human rights sites with distributed denial-of-service (DDoS) attacks thanks to the release of Google’s Project Shield.

Project Shield is designed to reroute traffic through Google's web infrastructure, and is being offered as a free tool to news organisations and websites seeking to expose corruption.

The tool distinguishes genuine visitors from malicious traffic through the use of an intermediate reverse proxy server, helping to keep small websites online if they lack the infrastructure to manage a DDoS attack.

"Project Shield welcomes applications from websites serving news. Human rights and elections monitoring content are also welcome to apply. We do not provide the service to other types of content, including gaming, businesses or individual blogs," said Google.

DDoS attacks are normally triggered when a hacker group, sometimes acting alone or with state sponsorship, takes umbrage with the comments or information on a news site or activist website.

Google needs websites looking to use Project Shield to offer visibility into the traffic they receive to allow the firm to filter out the malicious traffic. This sounds a little sneaky to us, but Google said that it will keep the data for only two weeks, at which point it will be added to an aggregated pool of anonymous data for analysis about potential future attacks.

"Project Shield only uses the data we obtain (such as logs from the Project Shield servers) for DDoS mitigation and caching and to improve the Project Shield service," said Google.

Project Shield forms part of Google’s Jigsaw division, which aims to create products and services that "help people investigate corruption". It has a Digital Attack Map that displays the tens of thousands of attacks directed at the websites of news organisations, businesses and charities to provide a better understanding of the raw data behind DDoS attacks.

Jigsaw also has the Password Alert service that can warn crusading journalists and activists if their Google password is being entered into a dodgy log-in page looking to swipe the credentials through phishing attacks.

Google's Project Zero security research team, on the other hand, has the controversial objective of exposing flaws in the software of others, such as the glibc bug that exposed thousands of Linux apps and IoT devices to hacks.µ

To hear more about security challenges, the threats they pose and how to combat them, sign up for The INQUIRER sister site Computing's Enterprise Security and Risk Management conference, taking place on 24 November.